CVSS: 10.0EPSS: 97%CPEs: 2EXPL: 11CVE-2017-7269 – Microsoft Windows Server Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2017-7269
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016. Desbordamiento de búfer en la función ScStoragePathFromUrl en el servicio WebDAV en Internet Information Services (IIS) 6.0 en Microsoft Windows Server 2003 R2 permite a atacantes remotos ejecutar código arbitrario a través de una cabecera larga comenzando con "If: Microsoft IIS version 6.0 suffers from a WebDAV ScStoragePathFromUrl buffer overflow vulnerability. Microsoft Windows Server 2003 R2 contains a buffer overflow vulnerability in Internet Information Services (IIS) 6.0 which allows remote attackers to execute code via a long header beginning with "If: <http://" in a PROPFIND request. • https://www.exploit-db.com/exploits/41992 https://www.exploit-db.com/exploits/41738 https://github.com/g0rx/iis6-exploit-2017-CVE-2017-7269 https://github.com/lcatro/CVE-2017-7269-Echo-PoC https://github.com/Al1ex/CVE-2017-7269 https://github.com/caicai1355/CVE-2017-7269-exploit https://github.com/N3rdyN3xus/CVE-2017-7269 https://github.com/VanishedPeople/CVE-2017-7269 https://github.com/denchief1/CVE-2017-7269 https://github.com/Cappricio-Securities/CVE-2017-7269 htt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 97%CPEs: 2EXPL: 1CVE-2010-1899 – Microsoft IIS 6.0 - ASP Stack Overflow Stack Exhaustion (Denial of Service) (MS10-065)
https://notcve.org/view.php?id=CVE-2010-1899
Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote attackers to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka "IIS Repeated Parameter Request Denial of Service Vulnerability." Vulnerabilidad de consumo en la pila en la aplicación ASP de Microsoft Internet Information Services (IIS) v5.1, v6.0, v7.0, y v7.5 permite a atacantes remotos causar una denegación de servicio (parada de demonio) a través de peticiones manipuladas, relacionadas con asp.dll, también conocido como "IIS Repeated Parameter Request Denial of Service Vulnerability". The vulnerability allows remote unauthenticated attackers to force the IIS server to become unresponsive until the IIS service is restarted manually by the administrator. Required is that Active Server Pages are hosted by the IIS and that an ASP script reads out a Post Form value. • https://www.exploit-db.com/exploits/15167 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-065 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7127 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.5EPSS: 10%CPEs: 17EXPL: 0CVE-2010-1256
https://notcve.org/view.php?id=CVE-2010-1256
Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Protection for Authentication is enabled, allows remote authenticated users to execute arbitrary code via unknown vectors related to "token checking" that trigger memory corruption, aka "IIS Authentication Memory Corruption Vulnerability." Vulnerabilidad no especificada en Microsoft IIS 6.0, 7.0 y 7.5 cuando la Protección Extended por Autenticación está habilitada, permite a usuarios autenticados en remoto ejecutar código de su elección mediante vectores desconocidos relacionados con "la comprobación del token" que provocan una corrupción de memoria. También se conoce como "Vulnerabilidad de Corrupción de Memoria en la Autenticación IIS" • http://www.securityfocus.com/bid/40573 http://www.us-cert.gov/cas/techalerts/TA10-159B.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-040 https://exchange.xforce.ibmcloud.com/vulnerabilities/58864 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7149 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 2.6EPSS: 0%CPEs: 1EXPL: 1CVE-2003-1582
https://notcve.org/view.php?id=CVE-2003-1582
Microsoft Internet Information Services (IIS) 6.0, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue. Microsoft Internet Information Services (IIS) v6.0, cuando la resolución DNS es activada para direcciones IP de clientes, pemrite a atacantes remotos ejecutar texto de su elección en el fichero log a través de peticiones HTTP en conjunción con una respuesta DNS manipulada, como quedó demostrado en la secuencia de inyección XSS, relacionados con el tema "Inverse Lookup Log Corruption (ILLC)". • http://www.securityfocus.com/archive/1/313867 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 97%CPEs: 19EXPL: 7CVE-2009-3023 – MS09-053 Microsoft IIS FTP Server NLST Response Overflow
https://notcve.org/view.php?id=CVE-2009-3023
Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability." Un desbordamiento de búfer en el Servicio FTP en Internet Information Services (IIS) de Microsoft versiones 5.0 hasta 6.0, permite a los usuarios autenticados remotos ejecutar código arbitrario por medio de un comando NLST (LISTA DE NOMBRES) diseñado que utiliza comodines, conllevando a la corrupción de memoria, también se conoce como "IIS FTP Service RCE and DoS Vulnerability". • https://www.exploit-db.com/exploits/9559 https://www.exploit-db.com/exploits/9541 https://www.exploit-db.com/exploits/16740 http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ975191 http://www.exploit-db.com/exploits/9541 http://www.exploit-db.com/exploits/9559 http://www.kb.cert.org/vuls/id/276653 http://www.securityfocus.com/bid/36189 http://www.us-cert.gov/cas/techalerts/TA09-286A.html http://www.vupen.com/english/advisories/2009/2481 https& • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •